
January 21, 2010

If Your Password Is 123456, Just Make It HackMe

I've been accused of beating the issue of 'password security' to death over the years, but it continues to be a very serious problem, so I have to bring it up again. What is so hard to understand about this issue?

Despite all the reports of Internet security breaches over the years, including the recent attacks on Google's e-mail service, many people have reacted to the break-ins with a shrug...

Imperva found that nearly 1 percent of the 32 million people it studied had used "123456" as a password. The second-most-popular password was "12345." Others in the top 20 included "qwerty," "abc123" and "princess."

More disturbing, said Mr. Shulman, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.

That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.

"We tend to think of password guessing as a very time-consuming attack in which I take each account and try a large number of name-and-password combinations," Mr. Shulman said. "The reality is that you can be very effective by choosing a small number of common passwords."

Read more at the NYTimes
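The contrast Mr. Shulman draws matters for detection: a per-account lockout counter never trips when each account receives only a few guesses. The sketch below is an added example, not part of the original post or the NYTimes article; the event layout, thresholds and sample log lines are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed failed-login events: (minute, source_ip, account).
# Source addresses come from the RFC 5737 documentation ranges.
FAILED_LOGINS = (
    [(0, "198.51.100.7", f"user{i:02d}") for i in range(12)]    # 1st guess, 12 accounts
    + [(1, "198.51.100.7", f"user{i:02d}") for i in range(12)]  # 2nd guess, same accounts
    + [(m, "203.0.113.9", "alice") for m in range(6)]           # one account, many guesses
    + [(2, "192.0.2.44", "bob")]                                # ordinary typo
)


def locked_accounts(events, max_failures=5):
    """Classic per-account rule: accounts with more than max_failures failures."""
    per_account = Counter(account for _, _, account in events)
    return {acct for acct, n in per_account.items() if n > max_failures}


def spraying_sources(events, window=10, min_accounts=10, max_per_account=3):
    """Sources failing against many accounts with only a few guesses each.

    Events are grouped into fixed windows of `window` minutes per source.
    All thresholds are illustrative assumptions, not recommended values.
    """
    buckets = defaultdict(Counter)  # (source, window index) -> failures per account
    for minute, source, account in events:
        buckets[(source, minute // window)][account] += 1
    flagged = set()
    for (source, _), per_account in buckets.items():
        wide = len(per_account) >= min_accounts
        shallow = max(per_account.values()) <= max_per_account
        if wide and shallow:
            flagged.add(source)
    return flagged


if __name__ == "__main__":
    # The per-account rule only sees the single-account guessing run.
    print("locked by per-account rule:", sorted(locked_accounts(FAILED_LOGINS)))
    # The per-source rule sees the wide, shallow pattern the lockout misses.
    print("flagged as spraying sources:", sorted(spraying_sources(FAILED_LOGINS)))
```

In the constructed data the 24 failures from one source lock no account, which is why the per-source view is needed alongside lockout.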
